A system, method, and computer program product are provided for preventing data leakage utilizing a map of data. In use, information describing data stored on at least one system is received. To this end, a map of the data is generated, utilizing the information. Further, data leakage is prevented, utilizing the map.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A method, comprising: receiving information describing data stored on at least one system; generating a baseline map of the data, utilizing the information; generating a current map that reflects a network map, wherein generating the baseline map and the current map includes mapping a location of the data to a categorization of the data, and wherein the location of the data includes an internet protocol address associated with the at least one system; comparing the baseline map to the current map prior to receiving a request to transmit at least some of the data, wherein the comparing includes: identifying differences in categorizations for documents between the baseline map and the current map with respect to their respective locations on a plurality of different file servers; and preventing a transfer of the documents over a network based on the differences in the categorizations for the documents between the baseline map and the current map.
2. The method of claim 1 , wherein the data includes at least one file.
3. The method of claim 1 , wherein the data includes at least one electronic mail message.
4. The method of claim 1 , wherein the information includes a categorization of the data.
5. The method of claim 4 , wherein the categorization is associated with criteria.
6. The method of claim 5 , wherein the criteria is predetermined.
7. The method of claim 6 , wherein the criteria is based on a selected document.
8. The method of claim 4 , wherein the categorization is associated with a group within an organization.
9. The method of claim 1 , wherein the information includes a statistical analysis of the data.
10. The method of claim 9 , wherein the statistical analysis indicates a number of occurrences of at least one predetermined keyword within the data.
11. The method of claim 1 , wherein the data is stored on a single system.
12. The method of claim 1 , wherein the data is stored on a group of systems.
13. The method of claim 1 , wherein the location of the data further includes at least one of a pathname associated with the data, a user name, and a machine name.
14. The method of claim 1 , wherein the information describing the data is identified by parsing the data.
15. The method of claim 1 , further comprising accessing a policy, which indicates an allowable threshold number of differences between the baseline map and the current map, for permitting a transmission of at least some of the data.
16. The method of claim 15 , wherein data leakage is conditionally prevented based on the policy.
17. The method of claim 1 , wherein data leakage is prevented by securing the data.
18. Logic embodied on a tangible non-transitory computer readable medium for performing operations, comprising: receiving information describing data stored on at least one system; generating a baseline map of the data, utilizing the information; generating a current map that reflects a network map, wherein generating the baseline map and the current map includes mapping a location of the data to a categorization of the data, and wherein the location of the data includes an internet protocol address associated with the at least one system; comparing the baseline map to the current map prior to receiving a request to transmit at least some of the data, wherein the comparing includes: identifying differences in categorizations for documents between the baseline map and the current map with respect to their respective locations on a plurality of different file servers; and preventing a transfer of the documents over a network based on the differences in the categorizations for the documents between the baseline map and the current map.
19. The tangible non-transitory computer readable medium of claim 18 , wherein the data includes at least one file.
20. The tangible non-transitory computer readable medium of claim 18 , wherein the data includes at least one electronic mail message.
21. The tangible non-transitory computer readable medium of claim 18 , wherein the information includes a categorization of the data.
22. The tangible non-transitory computer readable medium of claim 21 , wherein the categorization is associated with criteria and the criteria is predetermined.
23. The tangible non-transitory computer readable medium of claim 18 , wherein the information includes a statistical analysis of the data.
24. The tangible non-transitory computer readable medium of claim 23 , wherein the statistical analysis indicates a number of occurrences of at least one predetermined keyword within the data.
25. The tangible non-transitory computer readable medium of claim 18 , wherein generating the baseline map includes mapping a location of the data to a categorization of the data.
26. The tangible non-transitory computer readable medium of claim 18 , wherein the location of the data includes at least one of a pathname associated with the data, a user name, and a machine name.
27. The tangible non-transitory computer readable medium of claim 18 , the operations further comprising accessing a policy, which indicates an allowable threshold number of differences between the baseline map and the current map, for permitting a transmission of at least some of the data.
28. A central server, comprising: a baseline map of data stored in a memory; a current map of data stored in the memory; a processor communicatively coupled to the memory; logic communicatively coupled to the processor to: receive information describing data stored on at least one system, generate a baseline map of the data, utilizing the information, and generate a current map that reflects a network map, wherein generating the baseline map and the current map includes mapping a location of the data to a categorization of the data, and wherein the location of the data includes an internet protocol address associated with the at least one system, compare the baseline map to the current map prior to receiving a request to transmit at least some of the data, wherein the compare includes: identifying differences in categorizations for documents between the baseline map and the current map with respect to their respective locations on a plurality of different file servers; and prevent a transfer of the documents over a network based on the differences in the categorizations for the documents between the baseline map and the current map.
29. The central server of claim 28 , wherein the data includes at least one file.
30. The central server of claim 28 , wherein the data includes at least one electronic mail message.
31. The central server of claim 28 , wherein the information includes a categorization of the data.
32. The central server of claim 31 , wherein the categorization is associated with criteria and the criteria is predetermined.
33. The central server of claim 28 , wherein the information includes a statistical analysis of the data.
34. The central server of claim 33 , wherein the statistical analysis indicates a number of occurrences of at least one predetermined keyword within the data.
35. The central server of claim 28 , wherein generating the baseline map includes mapping a location of the data to a categorization of the data.
36. The central server of claim 28 , wherein the location of the data includes at least one of a pathname associated with the data, a user name, and a machine name.
37. The central server of claim 28 , the logic being communicatively coupled to the processor to access a policy, which indicates an allowable threshold number of differences between the baseline map and the current map, for permitting a transmission of at least some of the data.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
May 22, 2007
July 29, 2014
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.